where is my randomness?
Matthew Dillon
dillon at apollo.backplane.com
Tue Jan 24 10:09:44 PST 2006
:<Snip/>
:> and why is openssl happy with this in the first place?
:> openssh/openssl shouldn't even get to produce a private/public key
:> pair without randomness?
:<Snip/>
:
:Does this mean all DragonFly hosts have the same private/public key?
:
:Adrian
It looks like we do have an issue. Keyboard randomness is still being
added, but it looks like the interrupt randomness is not... it has to
be turned on with the rndcontrol utility. That means the only
entropy is going to be the pool hash that occurs when random data is
read, which is extremely weak.
I am getting different patterns from /dev/urandom on boot, but the
results are definitely going to be extremely weak.
I will work on fixing this today.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
More information about the Users
mailing list